How to set up a restricted OpenSSH sftp server?
Saturday, 04 April 2009 12:14

To set up a restricted sftp server you should use the "ForceCommand" and "ChrootDirectory" directives in sshd_config.
If you don't want to restrict every user, you should also use the "Match" directive to select user(s) or group(s) to apply the restrictions to.
For security reasons, sshd checks that the "ChrootDirectory" and every component of its path are owned by root and not writable by any other user; otherwise the login is refused.
So you have to create a new directory inside the "ChrootDirectory" that is owned by the restricted user, and let the user write there.

Environment: Debian 5 (Lenny), OpenSSH 5.1
Definitions:
sftp chrooted group: sftpusergroup
sftp chrooted user: sftpuser
sftpuser's home directory and ChrootDirectory: /home/chroot/sftpuser (root owned)
sftpuser's web directory: /home/chroot/sftpuser/webdir (sftpuser owned)

You could set sftpuser's home directory and ChrootDirectory to /home/sftpuser, but my aim was to separate the restricted users from the full-access users.
If you set up the directory structure and permissions above, the restricted users are not able to see other users' home directories.

Okay, let's go.

Add a new group, sftpusergroup:

groupadd sftpusergroup
Add a new user, sftpuser:
useradd -g sftpusergroup -s /bin/false -p xxxxx -d /home/chroot/sftpuser -m sftpuser
-g: sftpuser's primary group (if you want to add sftpuser to another group too, use -G othergroup)
-s: login shell (/bin/false, because we don't want to give sftpuser shell access)
-p: password (note that useradd expects the already encrypted password here, as returned by crypt(3); it is simpler to leave -p out and run "passwd sftpuser" afterwards)
-d: sftpuser's home directory
-m: create sftpuser's home directory

More info about Linux user and group administration here and here

Make sure the ChrootDirectory is owned by root and not writable by group or others:
chown root:root /home/chroot/sftpuser
chmod 755 /home/chroot/sftpuser
Now create the user-owned directory inside the chroot:
mkdir /home/chroot/sftpuser/webdir
chown sftpuser:sftpusergroup /home/chroot/sftpuser/webdir
chmod 755 /home/chroot/sftpuser/webdir
Okay, we have added sftpuser and sftpusergroup and created the necessary directories and permissions; now edit sshd_config:
nano /etc/ssh/sshd_config
Comment out the following line:
#Subsystem      sftp    /usr/libexec/sftp-server
Add a new line, or uncomment it if it already exists:
Subsystem sftp internal-sftp
One more new line; it restricts ssh login to the listed group(s) only:
AllowGroups sftpusergroup
Note that AllowGroups applies to every ssh login, not just sftp: list every other group whose members must still be able to log in (for example your admin group), otherwise you lock them out.
And add the following at the end of the config file (Match blocks must come last, because every directive after a Match line belongs to that block until the next Match):
#Chroot for restricted sftp users
Match Group sftpusergroup
    ChrootDirectory /home/chroot/%u
    ForceCommand internal-sftp
You can also add further directives to the Match block, for example:
    AllowTcpForwarding no
    X11Forwarding no
etc.

More info about /bin/false security (related to AllowGroups and AllowTcpForwarding) here

Save the config file and reload ssh:
/etc/init.d/ssh reload
Now try to log in to the sftp server as sftpuser.

If everything is OK, sftpuser is locked inside the chroot jail /home/chroot/sftpuser/ and cannot get a shell or see anything outside it.

That's all.

I will write more about OpenSSH security and config soon. Edited! Read my article here.

In the meantime you can read about OpenSSH sftp chroot here

Last Updated ( Monday, 29 June 2009 08:44 )